A method for implementing an industrial firewall with dynamic tracking of the Ethernet/IP protocol

An industrial firewall and dynamic tracking technology, applied in transmission systems, electrical components, etc. It can solve problems such as the vulnerability of servers and industrial networks to attacks, avoid major losses, maintain normal operation, and improve commissioning efficiency.

Active Publication Date: 2019-12-10
青岛海天炜业过程控制技术股份有限公司

AI Technical Summary

Problems solved by technology

[0010] The existing technologies described above have obvious shortcomings: only the most basic protection is applied during Ethernet/IP communication, and the protected information can easily be obtained by attackers. Very basic data, servers and even the entire industrial network remain extremely vulnerable to attack.

Examples


Embodiment 1

[0033] The invention is a method for dynamically tracking the application-layer session of the Ethernet/IP protocol during communication in an industrial network environment. In such an environment, a firewall's protection of Ethernet/IP consists only of analyzing and filtering the Ethernet/IP traffic passing through it according to predefined access control and security protection policies, and of checking the rationality of packet contents through deep packet inspection (DPI). For an industrial communication protocol as important and complex as Ethernet/IP, this level of protection is far from sufficient.

[0034] The Ethernet/IP application-layer session dynamic tracking method proposed by the present invention is based on the SessionHandle field of the Ethernet/IP protocol. This field is complex to implement but allows precise control of the application-layer session. The main steps of the method are divided into two ste...


Abstract

The invention discloses an Ethernet/IP application-layer session dynamic tracking method based on the SessionHandle field of the Ethernet/IP protocol. The field is complex to implement but allows precise control of an application-layer session. The method has two main steps: first, acquiring the SessionHandle; second, using the SessionHandle. While session communication is monitored, the communication packets are filtered and screened. Once the request packet and response packet with which a client negotiates a SessionHandle are detected, the SessionHandle is extracted from the response packet and added to a linked list, with the hash value computed from the packet's tuple information used as the list node. After the SessionHandle has been acquired, in addition to normal protection, SessionHandle tracking is applied to all subsequent packets: every protocol communication packet is continuously matched against the SessionHandle value stored in the linked list, which implements dynamic tracking. The method can solve the problems of poor protection strength and small protection coverage for the Ethernet/IP protocol.
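The two steps described in the abstract, as an added example that is not code from the patent or its applicant. It assumes the standard 24-byte little-endian EtherNet/IP encapsulation header and the RegisterSession (0x0065), UnRegisterSession (0x0066), SendRRData (0x006F) and SendUnitData (0x0070) command codes; the `SessionHandleTracker` class, the `enip` helper and all traffic are constructed for illustration, and a Python dict keyed by the connection tuple stands in for the hash-indexed linked list.

```python
import struct

ENIP_PORT = 44818                        # standard EtherNet/IP TCP port
# Encapsulation header: command, length, session handle, status, context, options
ENIP_HEADER = struct.Struct("<HHII8sI")
REGISTER_SESSION, UNREGISTER_SESSION = 0x0065, 0x0066
SESSION_COMMANDS = {0x006F, 0x0070}      # SendRRData, SendUnitData

class SessionHandleTracker:
    """Hypothetical tracker mapping a flow key to its negotiated SessionHandle."""
    def __init__(self):
        # pending: flows awaiting a RegisterSession reply; handles: flow -> handle
        self.pending, self.handles = set(), {}

    def inspect(self, src, sport, dst, dport, payload):
        if len(payload) < ENIP_HEADER.size:
            return "drop"                # too short to hold an encapsulation header
        command, _len, handle, status, _ctx, _opt = ENIP_HEADER.unpack_from(payload)
        # Order the endpoints so both directions hash to the same table entry.
        key = tuple(sorted([(src, sport), (dst, dport)]))
        if command == REGISTER_SESSION:
            if dport == ENIP_PORT:       # step 1: client requests a session
                self.pending.add(key)
                return "allow"
            if key not in self.pending:
                return "drop"            # reply that no tracked request asked for
            self.pending.discard(key)
            if status == 0 and handle != 0:
                self.handles[key] = handle   # step 1: record handle from the reply
            return "allow"
        if command == UNREGISTER_SESSION or command in SESSION_COMMANDS:
            ok = self.handles.get(key) == handle   # step 2: match stored handle
            if ok and command == UNREGISTER_SESSION:
                del self.handles[key]    # session closed, forget its handle
            return "allow" if ok else "drop"
        return "allow"                   # sessionless commands: left to other rules

def enip(command, handle=0, data=b""):   # constructed packet, status 0
    return ENIP_HEADER.pack(command, len(data), handle, 0, b"\x00" * 8, 0) + data

def demo():                              # constructed client/PLC traffic -> verdicts
    fw, c, s = SessionHandleTracker(), ("10.0.0.5", 50000), ("10.0.0.9", ENIP_PORT)
    return [
        fw.inspect(*c, *s, enip(REGISTER_SESSION, data=b"\x01\x00\x00\x00")),
        fw.inspect(*s, *c, enip(REGISTER_SESSION, 0x1234ABCD, b"\x01\x00\x00\x00")),
        fw.inspect(*c, *s, enip(0x006F, 0x1234ABCD)),   # handle matches
        fw.inspect(*c, *s, enip(0x006F, 0xDEADBEEF)),   # wrong handle
        fw.inspect(*c, *s, enip(UNREGISTER_SESSION, 0x1234ABCD)),
        fw.inspect(*c, *s, enip(0x006F, 0x1234ABCD)),   # session already closed
    ]
```

A production firewall would also expire entries when the underlying TCP connection closes or times out, which this example leaves to the existing TCP/IP session tracking.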

Description

Technical field

[0001] The invention belongs to the technical field of industrial firewall deep protection, and in particular relates to a method for implementing dynamic tracking of the Ethernet/IP protocol in an industrial firewall.

Background technique

[0002] At present, the protection of Ethernet/IP in industrial firewalls consists mainly of field protection and TCP/IP session tracking protection. Field protection is divided into two parts: field rationality checks and matching of specific field values. In one approach, the entire protection process is based mainly on firewall configuration rules issued by the CMP management end and on TCP/IP session connection tracking implemented in the firewall system.

[0003] Using a non-IP communication mode, the SA firewall receives management packets from the firewall configuration CMP, parses the rules in those packets into the firewall, and filters and inspects the data passing through the firewall. Use t...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/02, H04L63/0227
Inventor: 彭亮, 韩涛, 李龙飞, 王明军, 郝庆贺
Owner: 青岛海天炜业过程控制技术股份有限公司